> Date: Thu, 26 Feb 1998 09:00:27 -0500 > From: James Richardson <James.Richardson@WellmanInc.com> > To: "'samba@samba.anu.edu.au'" <samba@samba.anu.edu.au> > Subject: Password validation. > Message-ID: <01BD4295.06994430@RICHAJM> > > Greetings: > > I have been running SAMBA 1.9.16p1 under HP-UX 9.04 quite well for some > time. I have in the smb.conf security = server encrypt passwords = yes > workgroup = XX1I suppose something like "password server = PDC1" too ... Where PDC1 is NetBIOS name of primary domain controller.> where XX1 is the name of our NT domain. > Everything works as it should, passwords are being validated by our NT > servers. > > The scenario which has just happened: Users at other sites in my company > now need access to my samba systems. These users are members of other NT > Domains and are unknown by XX1. There is a trust relationship between the > local NT Domain and the foreign NT Domain. I don't know much about NT > Domains, but hopefully it is clear what I am trying to do. > > Is there another solution to this problem beside maintaining a smbpasswd > file myself on the UNIX server?Yes, there is - "netbios aliases =". For example let's have two NT domains - DOM1 and DOM2. There are domain controlers PDC1 and BDC1 in DOM1 and PDC2 and BDC2 in DOM2. UNIX name is XXX. Try this in smb.conf: [global] include = /usr/local/samba/lib/smb.conf.%L netbios name = XXX netbios aliases = YYY smb.conf.xxx (xxx is in lowercase): security = server password server = PDC1 BDC1 smb.conf.yyy (yyy is in lowercase): security = server password server = PDC2 BDC2 And restart SAMBA. And now there are on network two servers (XXX and YYY), but physically it is only one server. If a user connect to share on XXX (like \\XXX\Share) then his password is validated by PDC1 or BDC1. If a user connect to share on YYY (like \\YYY\Share) then his password is validated by PDC2 or BDC2. It works for me ... Sorry for my English, I hope you understand me ... Best regards Ludek Babor E-Mail: Babor@Glavunion.cz OS manager E-Mail: Ludek.Babor@Glavunion.cz Glavunion, a.s., Teplice Tel: +420-417-503085 Sklarska 450 Fax: +420-417-508085 416 74 Teplice FIDO: 2:423/74.13 I use MIME ISO-8859-2 friendly software.
And here is the Gotcha ! disable the NetBEUI from your clients. But, what if you need to exchange files between two machines w/o going thruogh the server ? Anyway, I think this is another one to be posted at samba-bugs; A LOT of oppl already have their Win95/NT running with NetBEUI. At 03:07 PM 2/27/98 +0100, Stefaan A Eeckels wrote:>Tom, > >> Here is the case: >> >> whenever I have a Samba drive mapped on my system, any >> open/Mycomputer open/write or even the maping operation takes from >> 2 to 10 minutes to start or show any result. >> >> After started, the operation flows normaly - it seems - but if I open >> a window/save as windows/open window everything happens again. >> >> Another loooooooooong time to open the resource. >> >> Please, this is quite anoying. >I can imagine. It's not normal behaviour though - are you sure >that your name service is running properly? >Check whether > 1. All local machines are known on the net, either > through DNS, /etc/hosts, NIS or NIS+ > 2. Your Samba server isn't set up to be a dns proxy: > dns proxy = no (in [global]) > (the default is 'yes') > 3. Your PC isn't trying to use NetBEUI to resolve > the server's name. Unless you *need* NetBEUI (but > I can't see why that would be ;-), just get rid of > it (remove it through ControlPanel->Network). > >HTH > >Stefaan >-- > >PGP key available from PGP key servers (http://www.pgp.net/pgpnet/) >___________________________________________________________________ > "Don't worry about people stealing your ideas. If your ideas > are any good, you'll have to ram them down people's throats." > -- Howard Aiken > >Attachment Converted: "C:\Program Files\Eudora\Attach\RE SAMBA digest 1605" >